1. Field of Invention
The present invention relates generally to a network communication system and more particularly to the policy framework within a network communication system.
2. Background of the Related Art
A Web Service (WS) system is a software system designed to support interoperable machine-to-machine interaction over a network. Web Services are frequently web Application Platform Interfaces (API) that can be accessed over a network, such as the Internet, and executed on a remote system hosting the requested services. The World Wide Web Consortium (W3C) definition of Web Service encompasses many different systems, but in common usage the term refers to clients and servers that communicate using XML messages that follow the Simple Object Access Protocol (“SOAP”) standard.
The Web Services Policy Framework (“WS-Policy”) is a specification that provides a flexible and extensible grammar for various entities in a web services-based system to express and advertise their policies, which include, but are not limited to, system capabilities, requirements, quality of service, security requirement, encryption support, and other general characteristics. WS-Policy defines a framework and a model for the expression of these properties as policies.
In a provider-client type environment, the WS-Policy typically involves the provider making a “policy assertion” including a policy that is a requirement. According to the WS-Policy Framework Specification, Version 1.5 (September 2007), available at http://www.w3.org/2002/ws/policy, the assertions are typed by the domain authors that define them and indicate domain-specific (e.g., security, transactions) semantics. A “policy alternative” is a logical construct which represents a collection of policy assertions. A service provider policy typically contains several choices asserted in the policy alternative, which a consumer of the service has a choice to pick from. For example, a message privacy policy could offer a variety of encryption algorithms for the client to choose from. Once the client picks a policy assertion from the policy alternative, all interactions between the client and the provider must conform to that particular policy.
A difficulty with the current WS-Policy framework, however, is that once the client chooses a policy from among the policy alternatives, there is no way for the client to indicate directly to the provider which policy alternative it has chosen. Thus, the provider can only rely on the incoming messages to implicitly determine the policy alternative picked by the client based on the protocol elements present in the incoming messages. This lack of sufficient communication between the provider and the client becomes troublesome, however, where a policy element does not include a protocol level manifestation. Also, in some cases, a single policy element could be present on more than one policy alternative. In such cases, it is not possible for the provider to accurately determine which alternative a client has picked. Accordingly, what is needed is a protocol that allows the various entities of a WS system to communicate the selected policy.